[prev in list] [next in list] [prev in thread] [next in thread]
List: proftpd-users
Subject: [Proftpd-user] Proftpd and between user switch
From: Egoitz Aurrekoetxea <egoitz () ramattack ! net>
Date: 2009-01-03 14:20:07
Message-ID: 495F7417.2040403 () ramattack ! net
[Download RAW message or body]
Hi all!!!
I'm going to install a new proftpd+mysql machine. I have seen some
proftpd servers wich has all mysql users but with the same uid and gid
and that uid and gid matches with some uid gid existing in passwd and
group files. I have been looking at proftpd behaviour and have seen that
proftpd listens as nobody (the user set in proftpd.conf) and when a user
logs on it creates a child with uid and gid the uid/gid of the looged in
user (uid/gid listed in mysql ftpuser table for the logged user). Some
howtos use the same uid/gid for all mysql users... but I think this
could be insecure... because if perhaps someday appears a bug any user
could modify any user files.... so I have think to assign a unique
uid/gid in ftpusers table for each mysql user (and to create a group
with that gid in ftpgroup table)... obviously this uid/gid woun't match
with any uid/gid of any user in passwd or group of group file. Is this
OK? I think if you set in proftpd.conf that all files to be 750 or 755
for example well if some user can go to other user home (because of a
bug) unless can't write to that homedir... am I wrong? (if this is OK
perhaps I'll apply a 750 because this way other users can't see other
users files... just they're files). My question is... is this OK or
could this idea run into troubles of any kind?
Thanks a lot mates!!
Bye!!!
------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List <proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic